lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20111201231441.GA3293@stainedmachine.redhat.com>
Date:	Fri, 2 Dec 2011 00:14:42 +0100
From:	Petr Holasek <pholasek@...hat.com>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>,
	"H. Peter Anvin" <hpa@...or.com>, linux-kernel@...r.kernel.org,
	Anton Arapov <anton@...hat.com>
Subject: Re: NUMA x86: add constraints check for nid parameters

On Thu, 01 Dec 2011, Andrew Morton wrote:

> Date: Thu, 1 Dec 2011 13:34:51 -0800
> From: Andrew Morton <akpm@...ux-foundation.org>
> To: Petr Holasek <pholasek@...hat.com>
> Cc: Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>,
>  "H. Peter Anvin" <hpa@...or.com>, linux-kernel@...r.kernel.org, Anton
>  Arapov <anton@...hat.com>
> Subject: Re: [PATCH RESEND] NUMA x86: add constraints check for nid
>  parameters
> 
> On Thu,  1 Dec 2011 12:45:07 +0100
> Petr Holasek <pholasek@...hat.com> wrote:
> 
> > This patch adds constraints checks into __node_distance() and
> > numa_set_distance() functions. If from or to parameters are
> > lower than zero, it results into oops now.
> 
> Passing negative numbers into __node_distance() sounds like a bug in
> the caller, and this patch will remove our means of detecting that bug.

That's true, but upper boundary is checked now, so why not to check lower?
Seems inconsistent to me - from this point of view even don't check anything
would be better for detecting bug in the caller.

> 
> Perhaps we need to be told more about this patch.  Is the bug
> user-triggerable?  If so, how?  How was this fault triggered? 
> Etcetera.
> 

AFAIK, neither __node_distance() nor numa_set_distance() aren't in any
path from user-space inputs. Their paramaters are based on ACPI tables
provided by HW vendors.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ